Quick Peek at Binary Stuff (PE & ELF, and Mach-O Coming Soon)
Yo, this is peutils and elfutils, two separate tools written in Go. They're built to make binary analysis smooth and easy, covering PE and ELF file types for now. Yeah, Mach-O is on the roadmap, so chill.
Everything here is JSON-friendly, so if you hate complex formats, you're gonna love this. The whole thing is open source, licensed, and copyrighted – no funny business.
How It Works
Just run the tool from the terminal. Example for peutils:
Usage: peutils.exe <file> <command> [sectionName]
Commands:
- lib
- sym
- sections
- info
- optionalHeaders
- fileHeader
- coffSymbols
- machine
- stringTable
- time
- dwarf
- pointerSymTables
- characteristics
- ...Example Outputs
Extract symbols from a file:
PS> .\peutils.exe .\peutils.exe sym
[
"WriteFile:kernel32.dll",
"WaitForSingleObject:kernel32.dll",
"VirtualAlloc:kernel32.dll",
"LoadLibraryW:kernel32.dll",
...
]Show libraries:
PS> .\peutils.exe .\peutils.exe lib
nullCheck sections:
PS> .\peutils.exe .\peutils.exe sections .text
{
"Name": ".text",
"VirtualSize": 870029,
"VirtualAddress": 4096,
...
}If you forget a section:
PS> .\peutils.exe .\peutils.exe sections
Please specify a section name for the 'sections' command.ELF?
The elfutils tool works quite the same way, just for ELF binaries instead of PE. Same Vibes. Commands and output are consistent to keep your life easy.
After download:
privileges:
chmod +x elfutilsrun:
./elfutilsWhy Use This?
Simple commands, clear JSON output, and everything stays lightweight and fast. Great for quick checks or scripting tools. No bloat, no extra nonsense. And if you accidentally close the interface you will have a log file with the name of the file analyzed